VeriSign Shuts Down SiteFinder Service Under Pressure from ICANN

Did you notice an interesting behavior from your Internet browser about a month ago? If you tried to locate a page on the Internet that didn't exist, your browser might have automatically redirected you to a VeriSign Web page instead of getting the typical error message, "The website cannot be found." On September 15, 2003, VeriSign added a wildcard to two Internet domain zones; in the DNS's top-level domain zones of .com and .net, VeriSign added a record that resolved to 64.94.110.11, the IP address for sitefinder.verisign.com. VeriSign called this redirection its SiteFinder service.

The organization that oversees Internet policies--the Internet Corporation for Assigned Names and Numbers (ICANN)--gave VeriSign until 6:00 p.m. on October 3, 2003, to stop its SiteFinder service and restore the .com and .net Web domains--or face sanctions.

According to ICANN, VeriSign's actions were having widespread implications. In "UPDATE 2-VeriSign to halt new service as demanded" (http://www.reuters.com), Reuters reported on ICANN's statement about the SiteFinder service: "'There have been widespread expressions of concern about the impact of these changes on the security and stability of the Internet,' ICANN said in its statement. SiteFinder is rendering spam filters ineffective, adversely affecting other automated Web tools and services, creating a single point of failure 'that is likely to be attractive to deliberate attacks' and raising serious privacy issues, according to ICANN. VeriSign's activation of SiteFinder is 'not consistent' with its contract to serve as the main database keeper of all addresses in the '.com' and '.net' domains, ICANN added."

On October 3, VeriSign complied by suspending its controversial new SiteFinder service. "We will accede to the request while we explore all of our options," VeriSign spokesman Tom Galvin told Reuters. Galvin also said that ICANN was using "anecdotal and isolated issues to attempt to regulate non-registry services, but in the interests of further working with the technical community, we will temporarily suspend SiteFinder."

VeriSign's SiteFinder service caused an enormous amount of negative backlash from the Internet community. Why so many people were outraged is easy to see. VeriSign wasn't shy about promoting its services on the SiteFinder Web page, claiming that the Web page would improve the Web-browsing experience. Granted, a friendly error message on a redirect page might improve the Web-browsing experience for the novice user, but an error message on a page filled with numerous VeriSign advertisements is blatant self-promotion.

VeriSign isn't the first registry service provider to test or implement a redirect service. What's shocking is that VeriSign didn't consider the negative ramifications--or maybe it did and didn't care. At least three Internet companies have filed lawsuits against VeriSign.